<?php
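/**
 * Username/password login check backed by the project's `db` wrapper.
 *
 * On success the matching row's profile fields are copied into $_SESSION.
 *
 * NOTE(review): the query is still assembled by string concatenation because
 * the only `db` call visible here is execute($sql, $mode). If the wrapper
 * offers bound parameters, switch to them; the character allow-list below is
 * the sole thing keeping the two quoted literals well-formed.
 *
 * NOTE(review): the password is compared inside the SQL statement, so it is
 * presumably stored unhashed (confirm). The safer design is to select the
 * row by username only and check the stored value with password_verify()
 * against a password_hash() digest.
 */
class login{

	/** @var object Database wrapper instance created from db.php. */
	public $data;

	/** @var string Filtered username of the most recent loginCheck() call. */
	public $user;

	/** @var string Filtered password of the most recent loginCheck() call. */
	public $pass;

	/** @var string SQL text of the most recent loginCheck() call. */
	public $sql;

	/** @var mixed Row returned by the wrapper, or a falsy value when nothing matched. */
	public $result;

	/**
	 * Loads the database wrapper and creates the connection object.
	 */
	function __construct(){
		include_once "db.php";
		$this->data = new db();
	}

	/**
	 * Validates the credentials and, on a match, populates the session.
	 *
	 * @param mixed $username Submitted username; anything but a string is rejected.
	 * @param mixed $password Submitted password; anything but a string is rejected.
	 * @return bool True when a matching row was found and the session was filled.
	 */
	function loginCheck($username, $password){
		// Request parameters can arrive as arrays; preg_replace() would then
		// return an array and the concatenation below would be meaningless.
		if (!is_string($username) || !is_string($password)) {
			return false;
		}

		// Allow-list filter. It removes quotes and backslashes, which is what
		// keeps the quoted SQL literals below intact.
		// NOTE(review): this also silently rewrites the password the user typed.
		$this->user = preg_replace('/[^a-zA-Z0-9_@\-\.\s]/', '', $username);
		$this->pass = preg_replace('/[^a-zA-Z0-9_\-\.\s]/', '', $password);

		// Never query with an empty credential.
		if ($this->user === '' || $this->pass === '') {
			return false;
		}

		// The username must be a quoted literal. Unquoted, the filtered text
		// (which may still contain letters and whitespace) is parsed as SQL
		// rather than compared as data.
		$this->sql = "SELECT email, account, fname, lname, class, country, school_id, grade, grade_room FROM users where username = '".$this->user."' AND password = '".$this->pass."'";
		$this->result = $this->data->execute($this->sql, "onerow");

		if (!$this->result) {
			return false;
		}

		if (session_status() === PHP_SESSION_NONE) {
			session_start();
		}
		// Issue a fresh session id at the privilege change so an id that was
		// known before authentication cannot be reused afterwards.
		if (session_status() === PHP_SESSION_ACTIVE) {
			session_regenerate_id(true);
		}

		$_SESSION['user'] = $this->user;
		$_SESSION['email'] = $this->result['email'];
		$_SESSION['account'] = $this->result['account'];
		$_SESSION['name'] = $this->result['fname'];
		$_SESSION['lname'] = $this->result['lname'];
		// Each of these used to overwrite $_SESSION['lname'].
		$_SESSION['school_id'] = $this->result['school_id'];
		$_SESSION['grade'] = $this->result['grade'];
		$_SESSION['grade_room'] = $this->result['grade_room'];

		return true;
	}
}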
?>